[rt-users] 3.8.9 broke RT::Authen::ExternalAuth?

[Tim Cutts]

I've updated a test server to RT 3.8.9 from 3.8.8, and it doesn't seem to be authenticating LDAP users any more (ExternalAuth version is 0.08).  I switched on debugging, and get this in my logs:

[Thu Feb 17 21:35:23 2011] [debug]: given_pass undefined (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:37)
[Thu Feb 17 21:35:23 2011] [debug]: Attempting to use external auth service: ldap.internal.sanger.ac.uk (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:71)
[Thu Feb 17 21:35:23 2011] [debug]: SSO Failed and no user to test with. Nexting (/opt/rt3/local/plugins/RT-Authen-ExternalAuth/lib/RT/Authen/ExternalAuth.pm:99)

So it seems that while the Auth callback is indeed being called from HandleRequest in RT::Interface::Web, it isn't being called with the arguments from the HTTP request - something's clearing them out.  I tried adding a few extra debug statements to that HandleRequest, and it appears that HandleRequest is called a couple of times for each login attempt.  On the first call, the user and pass parameters are passed in, but the Auth callback is never called.  On the second call, the parameters are missing, and the callback *is* called.

Has anyone else had a go at RT 3.8.9 with RT::Authen::ExternalAuth?  Is it just my setup that isn't working or is it a more widespread problem?

I find myself wondering whether it's fallout from the changes to prevent the back button authentication issue...

Tim

-- 
 The Wellcome Trust Sanger Institute is operated by Genome Research 
 Limited, a charity registered in England with number 1021457 and a 
 company registered in England with number 2742969, whose registered 
 office is 215 Euston Road, London, NW1 2BE.